Cloud service-provider offerings continue to grow rapidly, among which are those for disaster recovery (DR) services. Disaster recovery practices began long before the founding of the term “cloud” — so this is nothing new to industry and business. Many methodologies have evolved over the years, beginning with making copies of data to floppy disks or cassette tape, which were then stored in an offsite location. As data grew, DR practices migrated to massive robotic-managed tape libraries that also copied the data to magnetic media for storage at alternative, protected locations.
The state and practices of DR are still evolving as our industry finds that the total costs and upkeep for on-premises tape, optical or other mediums — which are still quite prevalent — keep growing in sync with storage systems and the data sets themselves. Steadily these practices are moving to the cloud; with that being any of the cloud-flavors from private onsite systems to third-party managed offsite solutions, or any of the various public cloud solutions.
The driving forces moving DR to the cloud are many, and the cloud services available to support DR are just as vast. Historically, DR meant finding an alternative location to store data or operate from when or if disaster struck. Our industry realized that the planning and budgeting for a second site to either operate from or store and maintain critical operational components had, until recent times, been addressed by putting those assets (both physical and soft) in another building owned and operated by the enterprise.
Alternatives to the “owned and operated” method include third-party resources (e.g., Iron Mountain), a “co-lo” (collocated) data center also operated by a third party, or by completely replicating operations at another purpose-built site, which might be shared with others or kept in the dark until needed. Those, and variations on those solutions, now have yet another equally effective solution with a pay-as-you-go approach that is essentially a hands-off model once up and running. That model is today’s cloud.
ENTERPRISE RISK MANAGEMENT
Risk to the enterprise is one of the highest priority business continuity issues an organization can face. Data has become the heart of most organizations, whether in the trade and commerce world or in the media and entertainment space. Beyond direct security issues (i.e., the compromise of the enterprise’s data), the loss of its assets — as data — ranks a close second.
To protect these business assets, most organizations will, at the very least, adopt relatively simple and often inconsistent methodologies for media asset backups. The simpler approach is no longer wise or practical in today’s business environment. Scenarios implemented for data protection and business continuity are usually left to the IT department. In the past these methods may have consisted of linear data tapes managed by a third-party software-based backup solution which replicates, in a compressed format, the data added to the storage drives since the last full backup.
Today, given the huge volumes of data being accumulated, irrespective of the business model, this is a cumbersome solution steeped in manual steps that can easily overwhelm IT administration roles.
Automated, unattended methods are becoming the norm and those solutions are best implemented using cloud services technologies.
PROTECTING THE ASSETS
For any IT department charged with protecting the company’s data assets there should be some fundamental common practices employed to provide sufficient levels of data protection enterprise-wide.
Disruptions caused by an inability to get at its data, wherever it is, can cost thousands of dollars per day, per hour or per minute. If you’re a content distributor, the loss of some materials could cause irreparable harm, especially if it is a highly promoted program with a high dollar revenue return expectation.
To prevent such disruptions, IT departments should maintain an updated, tested and monitored DR solution with verifiable backups that can be executed rapidly—regardless of how or where the backups are executed or located. If the organization prefers to use conventional “digital tape” methodologies, at least one, and preferably two, regular sets of “full backups,” augmented by incremental backups, should be maintained.
DR CANNOT BE IGNORED
When it comes to a serious data compromise that causes a near total loss of assets, the disaster may be irrecoverable. Statistics indicate that 43% of businesses that experience a disaster will never reopen (per VMware, “Disaster Recovery: Any way you want it,” McGladrey and Pullen).
DR requires a prescribed level of labor and services, which is often incomplete or sometimes ignored. Besides having the data sets replicated, all your applications, configurations and operating systems should be included in the overall DR processes. Traditional DR comprised of setting up and maintaining a separate site, is expensive, complicated and time consuming. And the best test of whether your DR solution is adequate is based on how quickly the organization can fully recover when or if the requirements present itself.
Questions to fully understand include: When disaster strikes, who handles the reconstruction of the network and the re-enablement of the protected data? Do the administrators have the capability to accurately estimate the time to partial and then execute a full recovery?
Does the organization have a simulation or test drill of process to identify gaps, holes or unexpected issues? How often is this simulation tested and does it have a means to grow from (i.e., expand as services expand)?
These previously described practices are fraught with complicated and often impractical implementation issues. In the case where the facility was heavily compromised because of an extended power loss, fire, forced evacuation, physical vandalism or even ransomware, then the DR process — no matter how complete or well thought out — is valueless if there is not a secondary data center or technical site available from which to operate from.
Today’s business environments mandate that alternatives be developed. Looking to a cloud solution can be a game saver for any organization.
Cloud-based disaster recovery practices emerged well over a decade ago. As the sophistication of cloud technologies expanded, so did the viability of DRaaS or “disaster recovery as a service.”
DRaaS, in the cloud, can be a standalone provision and may be configured for near-instant recovery. In similar fashion to the ACO switch (automatic change over) on a broadcast master sync generator — a fully engaged, standby-ready DR system can essentially transition to an operational environment nearly seamlessly.
DRaaS typically will run in your own private-cloud or in a third-party private-cloud. DRaaS may be a part of a number of other cloud-based services already utilized by your organization at a local or enterprise level. If the organization is a playout or content prep center that routinely depends upon the cloud for other services (e.g., ingest collections, transcoding or preparation for CDN or OTT), then linear playout from a master control could be switched to provide the DRaaS option simply by a manual or automated command.
FULL-TIME MONITORING
For third-party DRaaS operations, monitoring of the services should be provided on a 24/7/365 basis. Under a managed service contract, DR execution can be manual or automatic and is usually based on rules governed as a BPM (business process management) solution set. Pricing is based on the platform count, what is protected, if there is long-term deep asset archival included, and on the amount of storage needed and accessibility to the storage (data) itself.
Services can include straightforward IP backup, tape alternative data protection, on-site and offsite backup, and replication of data to a public cloud if part of the business plan.
DEVIL IN THE DETAILS
Understanding the details of a complete implementation requires levels of analysis outside what many organizations typically do — and the analysis methodology is outside the scope of this column. Employing an outside entity that offers the bridging technologies to address DRaaS are well worth the added incremental costs.
IDC Research recommends that DRaaS suppliers be ready and capable to help potential DRaaS clients with their other “DR and business continuity requirements.” Such assistance includes helping with risk analysis, migration planning and process development. Other aids and benefits include those summarized in Fig. 1.
Nonetheless, the possibilities embedded into cloud services for DRaaS are endless, making it an intelligent choice for your data assets’ future.
Karl Paulsen is CTO at Diversified (www.diversifiedus.com) and a SMPTE Fellow. Contact Karl at [email protected].
